Slashdot videos: Now with more Slashdot!

View

Discuss

Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

Same here. For the past week or two I have been experiencing all sorts of glitches, stoppages and buffering through Netflix. My local ISP on demand service is fine though. Before last week everything was awesome!

Called my ISP about it - they said contact Netflix.

Maybe Netflix should add net neutrality to the House of Cards story arc to get the word out???

Why did you make the logo smaller but increase the overall height of the top navbar? (now you have more wasted space up there for what?)

Why did you change the "Slashdot Green" colour? We all like the current green (the new green appears washed out).

Why are the Icons no longer beside the story titles? (the icons have always been a big part of the Slashdot "brand" and help with readability.)

Why did you remove the "Slashdot Green" title bars on all the stories? The title bars are also a big part of the Slashdot "brand" and also help with readability by clearly dividing the stories and providing an easy to see visual cue that delineates the new stories and even the comment threads.

Why did you remove the tags and/or make them boring? The tags added some dry humour to the stories (eg. whatcouldpossiblygowrong) which while subtle, was also a part of the Slashdot experience. Little unique details make a difference. Now the tags seem to be gone or just generic boring categorizations.

Why are you cutting off the Summary on the Homepage View? (reading the full summary without having to click anything is imperative to ensuring the website is readable.)

Why did you remove the Slashdot Green Title Bars from the comment threads? (the green title bars create an easy to see delineation between the comments and are easy to see even when scrolling fast. (they are also part of that Slashdot Brand I was talking about)

Why is there so much more padding and spacing between everything? Why are the font sizes so much larger? Did your user base suddenly become senior citizens?

Over the past decade the Slashdot logo, the Slashdot green, the title bars and icons, unique details and config options have become part and parcel of the "Slashdot Brand". It's what makes Slashdot unique. By ignoring this you weaken your brand and your reader's loyalty. You are basically stripping away all that is Slashdot without adding anything useful or new!!!!

jest3r (458429) writes "Lavabit won a victory in court and were able to get the secret court order unsealed. The ACLU's Chris Soghoian called it the nuclear option. The court order revealed the FBI demanded Lavabit turn over their root SSL certificate, something that would allow them to monitor the traffic of every user of the service.

Lavabit offered an alternative method to tap into the single user in question but the FBI wasn't interested.

Lavabit could either comply or shut down. As such no US company that relies on SSL encryption can be trusted with sensitive data. Everything from Google to Facebook to Skype to your bank account is only encrypted by SSL keys, and if the FBI can force Lavabit to hand over their SSL key or face shutdown they can do it to anyone."Link to Original Source

All the hacker has to do is embed a link or image into an email and send that email to the Yahoo account of the victim. The victim then logs in and clicks the link or views the images. Assuming Yahoo doesn't filter out he embedded code the hackers gets the victim's cookies.

Obviously more complicated because you need to mask your embedded code to get through the filters but that is the basis of the XSS hack that has been hitting Yahoo all year...

And because the sessions on the server never expire the hacker can gain access. I'm not sure how https would help in this scenario.

- Basically you need to pass a salted, hashed version of the session ID or random string (as a hidden form field) on all page views or form submissions and check that against both the session cookie and the hidden form field to make sure the cookie is coming from the original source (since there would be no way for the hacker to get that string as well). And invalidate the session if it doesn't match up. Also expire and delete the sessions after 6 hours of inactivity would help as well.

If you own a Review Website... time to move the hosting outside of the USA.

Why does the hosting provider have to get involved anyways? Isn't the content of the website the responsibility of the domain owner? Someone please explain why the hosting company would have shut the entire website down if they didn't remove the page?